Mike,
> 1) Do any of you need LDAP authorization as well? In addition to LDAP
> authentication, we need LDAP authorization. I see from looking at the
> Jetspeed-2 code that at least two interfaces exist which need LDAP
> implementations: GroupSecurityHandler and RoleSecurityHandler.
I believe that this implementation should include the
authorization, authentication and probably the 'user profile' storage
or mapping. In a first stage an authentication model will be
implemented (i think) and then the authorization part ( and profile
storage/mapping {i hope so =)} ).
> 2) Should this "first cut" of LDAP authentication include digest-based
> authentication, where the hashed password of a user is compared to the hash
> generated by the user when attempting to login? Doing so would save looking
> up the user, getting their DN, and then authenticating them. We really need
> that kind of performance here.
I think that this implementation should be standards based, open
source and free of any specific product rules, in this case for the
LDAP part we need to include all the authentication mechanisms
(anonymous, simple {clear text passwords}, SASL and kerberos 4) in
some way, but i don't know exactly how will do that =/ (research in
progress ;)).
> Please forgive me if I am not using JIRA correctly. This is my first use of
> it.
Is my fist JIRA use too.
Regards,
--
J. Edgar Zavala S. ak'a Kerberos
eMail: jezavala at gmail.com | jezs at kerberos-research dot com
PGP: 0x6B60B604/0x73C6D26B
Web: http://www.kerberos-research.org
-- My software never has bugs.It just develops random features --
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
